Re: CVE-2010-1640 and CVE-2010-1639 (clamav) fixed in volatile
Hi,
Yves-Alexis Perez wrote:
> #584183 is marked as fixed in version 0.96.1+dfsg-1~volatile1 (the one
> in lenny volatile) but the tracker doesn't see it, so debsecan thinks
> the package is vulnerable. Could that version be marked as “fixed”?
No, neither the tracker nor the stable or testing security teams support
volatile. The real reason is the technical limitation, but we can not even
do it for backports (where somebody was said to work on security support
there.)
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Reply to: